/**
* Sets the password for this instance.
*
* WARNING: Do not use the legacy mode, it's insecure
*
* @param string $password The password (either user-provided password or binary encryption key) to use
* @param bool $legacyMode True to use the legacy key expansion. We recommend against using it.
*
* @since 4.0.0
* @return void
*/
public function setPassword($password, $legacyMode = false)
{
$this->key = $password;
$passLength = \strlen($password);
if (\function_exists('mb_strlen')) {
$passLength = mb_strlen($password, 'ASCII');
}
// Legacy mode was doing something stupid, requiring a key of 32 bytes. DO NOT USE LEGACY MODE!
if ($legacyMode && $passLength != 32) {
// Legacy mode: use the sha256 of the password
$this->key = hash('sha256', $password, true);
// We have to trim or zero pad the password (we end up throwing half of it away in Rijndael-128 / AES...)
$this->key = $this->adapter->resizeKey($this->key, $this->adapter->getBlockSize());
}
}